<?php
    include __DIR__."/config/cors.php";
    include __DIR__."/database.php";
    include __DIR__."/log.php";
    session_start();
    $username = $_POST['username'];
    $password = $_POST['password'];
    $captcha = $_POST['captcha'];
    if (strtoupper($captcha )!= strtoupper($_SESSION['captcha'])){
        echo json_encode([
            "code" => 202,
            "msg"=>"验证码不正确"
        ]);
        exit;
    }

    $db = new DB();
    $sql = "select * from user where username = '$username' and password = '$password'";
    $data = $db->selectOne($sql);
    if (is_array($data) and count($data) > 0) {
        echo json_encode([
            "code" => 200,
            "msg"=>"登录成功"
        ]);
        mylog($data['id'],"登录成功","系统");
        $username = $data['username'];
        $role = $data['role'];
        $_SESSION['username'] = $username;
        setcookie("username",$username,time()+60*60*24*7,"/","www.dlrb.com",false,false);
        setcookie("role",$role,time()+60*60*24*7,"/","www.dlrb.com",false,false);
    }else {
        is_array($data) ? $msg = "用户名或密码错误" : $msg = "登录失败: ".$data;
        mylog(@$data['id'],"登录失败","系统");
        echo json_encode([
           "code" => 201,
           "msg"=> $msg
         ]);
    }
?>